KXStudio
/
Website
mirror of https://github.com/KXStudio/Website
1
0
Fork 0
Code Releases 0 Activity
KXStudio Website https://kx.studio/
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
203 Commits
2 Branches
188MB
Tree: 94c48bea2a
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '94c48bea2a'
${ noResults }
Website/News/modules/comments/model.Comment.php

model.Comment.php 12KB
Raw Normal View History

Import news
9 years ago
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303 
  1. <?php

  2.     /**

  3.      * Class: Comment

  4.      * The model for the Comments SQL table.

  5.      *

  6.      * See Also:

  7.      *     <Model>

  8.      */

  9.     class Comment extends Model {

  10.         public $no_results = false;

  11. 

  12.         public $belongs_to = array("post", "user");

  13. 

  14.         /**

  15.          * Function: __construct

  16.          * See Also:

  17.          *     <Model::grab>

  18.          */

  19.         public function __construct($comment_id, $options = array()) {

  20.             parent::grab($this, $comment_id, $options);

  21. 

  22.             if ($this->no_results)

  23.                 return false;

  24. 

  25.             $this->body_unfiltered = $this->body;

  26.             $group = ($this->user_id and !$this->user->no_results) ?

  27.                          $this->user->group :

  28.                          new Group(Config::current()->guest_group) ;

  29. 

  30.             $this->filtered = !isset($options["filter"]) or $options["filter"];

  31. 

  32.             $trigger = Trigger::current();

  33. 

  34.             $trigger->filter($this, "comment");

  35. 

  36.             if ($this->filtered) {

  37.                 if (($this->status != "pingback" and $this->status != "trackback") and !$group->can("code_in_comments"))

  38.                     $this->body = strip_tags($this->body, "<".join("><", Config::current()->allowed_comment_html).">");

  39. 

  40.                 $this->body_unfiltered = $this->body;

  41. 

  42.                 $trigger->filter($this->body, array("markup_text", "markup_comment_text"));

  43. 

  44.                 $trigger->filter($this, "filter_comment");

  45.             }

  46.         }

  47. 

  48.         /**

  49.          * Function: find

  50.          * See Also:

  51.          *     <Model::search>

  52.          */

  53.         static function find($options = array(), $options_for_object = array()) {

  54.             return parent::search(get_class(), $options, $options_for_object);

  55.         }

  56. 

  57.         /**

  58.          * Function: create

  59.          * Attempts to create a comment using the passed information. If a Defensio API key is present, it will check it.

  60.          *

  61.          * Parameters:

  62.          *     $author - The name of the commenter.

  63.          *     $email - The commenter's email.

  64.          *     $url - The commenter's website.

  65.          *     $body - The comment.

  66.          *     $post - The <Post> they're commenting on.

  67.          *     $type - The type of comment. Optional, used for trackbacks/pingbacks.

  68.          */

  69.         static function create($author, $email, $url, $body, $post, $type = null) {

  70.             if (!self::user_can($post->id) and !in_array($type, array("trackback", "pingback")))

  71.                 return;

  72. 

  73.             $config = Config::current();

  74.             $route = Route::current();

  75.             $visitor = Visitor::current();

  76. 

  77.             if (!$type) {

  78.                 $status = ($post->user_id == $visitor->id) ? "approved" : $config->default_comment_status ;

  79.                 $type = "comment";

  80.             } else

  81.                 $status = $type;

  82. 

  83.             if (!empty($config->akismet_api_key)) {

  84.                 $akismet = new Akismet($config->url, $config->akismet_api_key);

  85. 

  86.                 $akismet->setCommentAuthor($author);

  87.                 $akismet->setCommentAuthorEmail($email);

  88.                 $akismet->setCommentAuthorURL($url);

  89.                 $akismet->setCommentContent($body);

  90.                 $akismet->setPermalink($post->url());

  91.                 $akismet->setCommentType($type);

  92.                 $akismet->setReferrer($_SERVER['HTTP_REFERER']);

  93.                 $akismet->setUserIP($_SERVER['REMOTE_ADDR']);

  94. 

  95.                 if ($akismet->isCommentSpam()) {

  96.                     self::add($body,

  97.                               $author,

  98.                               $url,

  99.                               $email,

  100.                               $_SERVER['REMOTE_ADDR'],

  101.                               $_SERVER['HTTP_USER_AGENT'],

  102.                               "spam",

  103.                               null,

  104.                               null,

  105.                               $post,

  106.                               $visitor->id);

  107.                     error(__("Spam Comment"), __("Your comment has been marked as spam. It will have to be approved before it will show up.", "comments"));

  108.                 } else {

  109.                     $comment = self::add($body,

  110.                                          $author,

  111.                                          $url,

  112.                                          $email,

  113.                                          $_SERVER['REMOTE_ADDR'],

  114.                                          $_SERVER['HTTP_USER_AGENT'],

  115.                                          $status,

  116.                                          null,

  117.                                          null,

  118.                                          $post,

  119.                                          $visitor->id);

  120. 

  121.                     fallback($_SESSION['comments'], array());

  122.                     $_SESSION['comments'][] = $comment->id;

  123. 

  124.                     if (isset($_POST['ajax']))

  125.                         exit("{ \"comment_id\": \"".$comment->id."\", \"comment_timestamp\": \"".$comment->created_at."\" }");

  126. 

  127.                     Flash::notice(__("Comment added."), $post->url()."#comment_".$comment->id);

  128.                 }

  129.             } else {

  130.                 $comment = self::add($body,

  131.                                      $author,

  132.                                      $url,

  133.                                      $email,

  134.                                      $_SERVER['REMOTE_ADDR'],

  135.                                      $_SERVER['HTTP_USER_AGENT'],

  136.                                      $status,

  137.                                      null,

  138.                                      null,

  139.                                      $post,

  140.                                      $visitor->id);

  141. 

  142.                 fallback($_SESSION['comments'], array());

  143.                 $_SESSION['comments'][] = $comment->id;

  144. 

  145.                 if (isset($_POST['ajax']))

  146.                     exit("{ \"comment_id\": \"".$comment->id."\", \"comment_timestamp\": \"".$comment->created_at."\" }");

  147. 

  148.                 Flash::notice(__("Comment added."), $post->url()."#comment_".$comment->id);

  149.             }

  150.         }

  151. 

  152.         /**

  153.          * Function: add

  154.          * Adds a comment to the database.

  155.          *

  156.          * Parameters:

  157.          *     $body - The comment.

  158.          *     $author - The name of the commenter.

  159.          *     $url - The commenter's website.

  160.          *     $email - The commenter's email.

  161.          *     $ip - The commenter's IP address.

  162.          *     $agent - The commenter's user agent.

  163.          *     $status - The new comment's status.

  164.          *     $created_at - The new comment's "created" timestamp.

  165.          *     $updated_at - The new comment's "last updated" timestamp.

  166.          *     $post - The <Post> they're commenting on.

  167.          *     $user_id - The ID of this <User> this comment was made by.

  168.          */

  169.         static function add($body, $author, $url, $email, $ip, $agent, $status, $created_at = null, $updated_at = null, $post, $user_id) {

  170.             if (!empty($url)) # Add the http:// if it isn't there.

  171.                 if (!@parse_url($url, PHP_URL_SCHEME))

  172.                     $url = "http://".$url;

  173. 

  174.             $ip = ip2long($ip);

  175.             if ($ip === false)

  176.                 $ip = 0;

  177. 

  178.             $sql = SQL::current();

  179.             $sql->insert("comments",

  180.                          array("body" => $body,

  181.                                "author" => strip_tags($author),

  182.                                "author_url" => strip_tags($url),

  183.                                "author_email" => strip_tags($email),

  184.                                "author_ip" => $ip,

  185.                                "author_agent" => $agent,

  186.                                "status" => $status,

  187.                                "created_at" => oneof($created_at, datetime()),

  188.                                "updated_at" => oneof($updated_at, "0000-00-00 00:00:00"),

  189.                                "post_id" => $post->id,

  190.                                "user_id"=> $user_id));

  191.             $new = new self($sql->latest("comments"));

  192. 

  193.             Trigger::current()->call("add_comment", $new);

  194.             return $new;

  195.         }

  196. 

  197.         public function update($author, $author_email, $author_url, $body, $status, $timestamp, $update_timestamp = true) {

  198.             $sql = SQL::current();

  199.             $sql->update("comments",

  200.                          array("id" => $this->id),

  201.                          array("author" => strip_tags($author),

  202.                                "author_email" => strip_tags($author_email),

  203.                                "author_url" => strip_tags($author_url),

  204.                                "body" => $body,

  205.                                "status" => $status,

  206.                                "created_at" => $timestamp,

  207.                                "updated_at" => ($update_timestamp) ? datetime() : $this->updated_at));

  208. 

  209.             Trigger::current()->call("update_comment", $this, $author, $author_email, $author_url, $body, $status, $timestamp, $update_timestamp);

  210.         }

  211. 

  212.         static function delete($comment_id) {

  213.             $trigger = Trigger::current();

  214.             if ($trigger->exists("delete_comment"))

  215.                 $trigger->call("delete_comment", new self($comment_id));

  216. 

  217.             SQL::current()->delete("comments", array("id" => $comment_id));

  218.         }

  219. 

  220.         public function editable($user = null) {

  221.             fallback($user, Visitor::current());

  222.             return ($user->group->can("edit_comment") or ($user->group->can("edit_own_comment") and $user->id == $this->user_id));

  223.         }

  224. 

  225.         public function deletable($user = null) {

  226.             fallback($user, Visitor::current());

  227.             return ($user->group->can("delete_comment") or ($user->group->can("delete_own_comment") and $user->id == $this->user_id));

  228.         }

  229. 

  230.         /**

  231.          * Function: any_editable

  232.          * Checks if the <Visitor> can edit any comments.

  233.          */

  234.         static function any_editable() {

  235.             $visitor = Visitor::current();

  236. 

  237.             # Can they edit comments?

  238.             if ($visitor->group->can("edit_comment"))

  239.                 return true;

  240. 

  241.             # Can they edit their own comments, and do they have any?

  242.             if ($visitor->group->can("edit_own_comment") and

  243.                 SQL::current()->count("comments", array("user_id" => $visitor->id)))

  244.                 return true;

  245. 

  246.             return false;

  247.         }

  248. 

  249.         /**

  250.          * Function: any_deletable

  251.          * Checks if the <Visitor> can delete any comments.

  252.          */

  253.         static function any_deletable() {

  254.             $visitor = Visitor::current();

  255. 

  256.             # Can they delete comments?

  257.             if ($visitor->group->can("delete_comment"))

  258.                 return true;

  259. 

  260.             # Can they delete their own comments, and do they have any?

  261.             if ($visitor->group->can("delete_own_comment") and

  262.                 SQL::current()->count("comments", array("user_id" => $visitor->id)))

  263.                 return true;

  264. 

  265.             return false;

  266.         }

  267. 

  268.         public function author_link() {

  269.             if ($this->author_url != "") # If a URL is set

  270.                 return '<a href="'.$this->author_url.'">'.$this->author.'</a>';

  271.             else # If not, just return their name

  272.                 return $this->author;

  273.         }

  274. 

  275.         static function user_can($post) {

  276.             $visitor = Visitor::current();

  277.             if (!$visitor->group->can("add_comment")) return false;

  278. 

  279.             // assume allowed comments by default

  280.             return empty($post->comment_status) or

  281.                    !($post->comment_status == "closed" or

  282.                     ($post->comment_status == "registered_only" and !logged_in()) or

  283.                     ($post->comment_status == "private" and !$visitor->group->can("add_comment_private")));

  284.         }

  285. 

  286.         static function user_count($user_id) {

  287.             $count = SQL::current()->count("comments", array("user_id" => $user_id));

  288.             return $count;

  289.         }

  290. 

  291.         # !! DEPRECATED AFTER 2.0 !!

  292.         public function post() {

  293.             return new Post($this->post_id);

  294.         }

  295. 

  296.         # !! DEPRECATED AFTER 2.0 !!

  297.         public function user() {

  298.             if ($this->user_id)

  299.                 return new User($this->user_id);

  300.             else

  301.                 return false;

  302.         }

  303.     }